Skip to main content

picoclaw

PicoClaw is a lightweight AI assistant for low-resource devices, enabling seamless integration with messaging platforms and LLM providers.

Install this skill

or
67/100

Security score

The picoclaw skill was audited on May 13, 2026 and we found 9 security issues across 1 threat category. Review the findings below before installing.

Categories Tested

Security Issues

medium line 24

Access to hidden dotfiles in home directory

SourceSKILL.md
24PicoClaw is an ultra-lightweight personal AI assistant that runs on devices with as little as 10 MB RAM and boots in under 1 second. It connects to LLM providers (OpenRouter, Anthropic, OpenAI, Gemini
low line 37

Access to hidden dotfiles in home directory

SourceSKILL.md
37make install # installs to ~/.local/bin
low line 54

Access to hidden dotfiles in home directory

SourceSKILL.md
54picoclaw onboard # creates ~/.picoclaw/config.json interactively
medium line 57

Access to hidden dotfiles in home directory

SourceSKILL.md
57This generates the config file and workspace directory at `~/.picoclaw/workspace/`.
medium line 61

Access to hidden dotfiles in home directory

SourceSKILL.md
61Edit `~/.picoclaw/config.json`. Set the model and at least one provider API key:
low line 67

Access to hidden dotfiles in home directory

SourceSKILL.md
67"workspace": "~/.picoclaw/workspace",
medium line 130

Access to hidden dotfiles in home directory

SourceSKILL.md
130**Heartbeat** reads `~/.picoclaw/workspace/HEARTBEAT.md` every N minutes and executes tasks:
medium line 157

Access to hidden dotfiles in home directory

SourceSKILL.md
157Workspace at `~/.picoclaw/workspace/` contains: `sessions/` (history), `memory/` (MEMORY.md), `cron/` (scheduled jobs), `skills/`, plus markdown files for agent identity (`IDENTITY.md`, `SOUL.md`, `AG
medium line 175

Access to hidden dotfiles in home directory

SourceSKILL.md
1752. Edit `~/.picoclaw/config.json`:
Scanned on May 13, 2026
View Security Dashboard
Installation guide →
GitHub Stars 49
Rate this skill
Categorydevelopment
UpdatedMay 20, 2026
openclawapibackendml-ai-engineerdevops-srebackend-developerproduct-managertechnical-pmdockertelegramdiscordslackopenaianthropicgroqdevelopmentproduct
TerminalSkills/skills